LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 07-08-2008, 10:56 AM   #1
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Rep: Reputation: 15
Snort - no portscan and tcp alerts in snort


hi i have installed snort using easyids...
has got two nics...eth0 and eth1..
but its not detecting ne portscan as well as tcp alerts...
can neone tell me whats the problem...is there nethin wrong in my snort.conf file..
 
Old 07-09-2008, 04:04 AM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Let me give you an example of how difficult, or impossible, it is to respond to your brief, vague question:

"My car doesn't run when I get in. I'm using the correct key. Can somone tell me the whats wrong?"

Please, we're blind out here, and need you to be our eyes, and feed us real data, real logs, real output.
 
Old 07-10-2008, 12:01 AM   #3
oakleeman
LQ Newbie
 
Registered: Jul 2008
Posts: 4

Rep: Reputation: 0
welcome to my world, I'm the developer of EasyIDS and see these vague questions on a daily basis. Have you read any of the documentation?
 
Old 07-10-2008, 12:01 AM   #4
oakleeman
LQ Newbie
 
Registered: Jul 2008
Posts: 4

Rep: Reputation: 0
Quick Install Guide
Complete Setup Guide
 
Old 07-10-2008, 12:13 AM   #5
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Deep breath... relax... breath... deep breaths. Ahhh...
 
Old 07-10-2008, 12:25 AM   #6
oakleeman
LQ Newbie
 
Registered: Jul 2008
Posts: 4

Rep: Reputation: 0
hehe, it's all good.
 
Old 07-11-2008, 09:56 PM   #7
av.dubey
Member
 
Registered: Nov 2007
Posts: 148

Original Poster
Rep: Reputation: 15
hey ..this is not the way to ask more details..u guys may be great in linux but dat doesnot mean you will treat guys like us like this...
i have been using this forum for quiet a long time but had never got such replies...

instead of this you could have told me abt wat all details i should post..so dat if possible you guys can help me out..
m still not clear wat more details i should give...
i have installed easyids and its detecting all other alerts except the portscan alerts...
under sfportscan also in snort.conf file i have checked everything but it seems to be all right...

can neone tell me wats the problem...or wat more details i should paste here to make me more elaborate..


and reagaring logs..i don know whether MR.C knows nething abt easyids or not...
if i would have been gettin portscan alerts den there would have been no need of posting my question here..
m not gettin ne logs ....
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Snort/base and portscan El Fluffo Linux - Security 0 11-03-2007 03:20 PM
Why would snort logs show portscan/portsweep slackhack Linux - Security 3 09-05-2007 11:39 AM
snort alerts lord-fu Linux - Security 1 11-25-2005 03:28 PM
SNORT - (portscan) UDP Portsweep ddaas Linux - Security 2 07-06-2005 02:24 AM
Snort Alerts ?? zahra79 Linux - Networking 5 06-22-2005 05:11 AM


All times are GMT -5. The time now is 06:24 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration